<?php
include('common.php');


$password = end_encode($_POST['password']);
$newpassword = end_encode($_POST['newPassword']);

if ($_SESSION['user']['password'] == $password && $newpassword)
{
	$users = require 'data/users.php';

	$users[$_SESSION['user']['username']]['password'] = $newpassword;
	save_settings('data/users.php',$users);
	$_SESSION['user'] = $users[$_SESSION['user']['username']];
	exit_ok();
}
else
{
	exit_error('password error');
}